---
layout: api
page_title: /sys/quotas/config - HTTP API
description: The `/sys/quotas/config` endpoint is used to configure rate limit quotas.
---

# `/sys/quotas/config`

The `/sys/quotas/config` endpoint is used to configure rate limit quotas.

## Create or Update the Rate Limit Configuration

| Method | Path                 |
| :----- | :------------------- |
| `POST` | `/sys/quotas/config` |

### Parameters

- `rate_limit_exempt_paths` `([]string: [])` - Specifies the list of exempt paths
  from all rate limit quotas. If empty no paths will be exempt.
- `enable_rate_limit_audit_logging` `(bool: false)` - If set, starts audit logging
  of requests that get rejected due to rate limit quota rule violations.
- `enable_rate_limit_response_headers` `(bool: false)` - If set, additional rate
  limit quota HTTP headers will be added to responses.

### Sample Payload

```json
{
  "rate_limit_exempt_paths": [
    "sys/internal/ui/mounts",
    "sys/generate-recovery-token/attempt",
    "sys/generate-recovery-token/update",
    "sys/generate-root/attempt",
    "sys/generate-root/update",
    "sys/health",
    "sys/seal-status",
    "sys/unseal"
  ],
  "enable_rate_limit_audit_logging": true,
  "enable_rate_limit_response_headers": true
}
```

### Sample Request

```shell-session
$ curl \
    --request POST \
    --header "X-Vault-Token: ..." \
    --data @payload.json \
    http://127.0.0.1:8200/v1/sys/quotas/config
```

## Get the Rate Limit Configuration

| Method | Path                 |
| :----- | :------------------- |
| `GET`  | `/sys/quotas/config` |

### Sample Request

```shell-session
$ curl \
    --request GET \
    --header "X-Vault-Token: ..." \
    http://127.0.0.1:8200/v1/sys/quotas/config
```

### Sample Response

```json
{
  "request_id": "259801bd-a0c9-9350-8eb9-26c91afd19c6",
  "lease_id": "",
  "lease_duration": 0,
  "renewable": false,
  "data": {
    "enable_rate_limit_audit_logging": false,
    "enable_rate_limit_response_headers": false,
    "rate_limit_exempt_paths": [
      "sys/internal/ui/mounts",
      "sys/generate-recovery-token/attempt",
      "sys/generate-recovery-token/update",
      "sys/generate-root/attempt",
      "sys/generate-root/update",
      "sys/health",
      "sys/seal-status",
      "sys/unseal"
    ]
  },
  "warnings": null
}
```
